espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-07-31 19:24:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

mbedtls: Prevent arithmetic overflow on bounds check

Browse Source 
Part of the patch for CVE-2018-9988.
Cherry-pick of 027f84c69f
Ref. https://github.com/espressif/esp-idf/issues/1860
This commit is contained in:
Ivan Grokhotkov
2018-04-19 11:45:54 +08:00
parent 67ba85650d
commit b42ba1b0a5
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/mbedtls/library/ssl_cli.c
View File

@@ -2473,7 +2473,7 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
sig_len = ( p[0] << 8 ) | p[1];
p += 2;
if( end != p + sig_len )
if( p != end - sig_len )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,